EXAMINER'S AMENDMENT 

1. An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Evelyn M. Sommer on 03/20/2009. 

The application has been amended as follows: 

IN THE CLAIMS 

Cancel claims 26 and 30-31. 

Replace claims 24 and 29 as follows: 

Claim 24: 

A hybrid authentication system, comprising: a distributed authentication 
infrastructure based on a web-of-trust service model and including a plurality of nodes in 
communication with each other, each of said plurality of nodes having an identification 
and intended to perform a series of functions, one of said series of functions for 
verifying said identification of said plurality of nodes; and a centralized authentication 
infrastructure based on a public key infrastructure and integrated into said distributed 
authentication infrastructure, said centralized authentication infrastructure including a 
certificate authority coupled to said plurality of nodes and utilized for verifying said 
identification of said plurality of nodes; wherein said distributed authentication 
infrastructure is initially implemented and said centralized authentication infrastructure is 
later integrated into said distributed authenticated infrastructure, and wherein said 
plurality of nodes is a plurality of members including a first member and a second 
member, said certificate authority issuing a first group certificate to said first member 
that provides said first member with a first permission level, said certificate authority 
issuing a second group certificate to said second member that provides said second 
member with a second permission level, wherein said first permission level is greater 
than said second permission level: wherein said first group certificate enables said first 
member to enroll a new entity into the system and provide said new entity with a new 
permission level equivalent up to said first permission level. 

Claim 29: 

A hybrid authentication system, comprising: a distributed authentication 
infrastructure including a plurality of nodes in communication with each other, each of 
said plurality of nodes having an identification and intended to perform a series of 
functions, one of said series of functions for verifying said identification of said plurality 
of nodes; and a centralized authentication infrastructure integrated into said distributed 
authentication infrastructure, said centralized authentication infrastructure including a 
certificate authority coupled to said plurality of nodes and utilized for verifying said 
identification of said plurality of nodes; wherein said centralized authentication 
infrastructure provides a signed certificate for verifying said identification and wherein 
said distributed authentication infrastructure is initially implemented and said centralized 
authentication infrastructure is later integrated into said distributed authenticated 
infrastructure: wherein said certificate authority is coupled to said plurality 
of nodes for at least one of issuing a global directive thereto and supporting said 
plurality of nodes by assisting with at least one of an enrollment task, an authentication 
task, and a permission granting task: wherein said global directive includes at least one 
of a rekey instruction and a critical trust chain path, said rekey instruction and said 
critical trust chain path for providing a secured data transfer line. 

Allowable Subject Matter 

2. Claims 1, 3, 6-24, 27, 29 and 32-38 are allowed. 

3. The following is an examiner's statement of reasons for allowance: 

The prior art of record, singularly or in combination, does not teach "wherein a 
plurality of nodes includes a verifying node coupled to a new entity for verifying the 
identification of said new entity and enrolling said new entity into the hybrid 
authentication system and wherein said verifying node signs a certificate related to said 
new entity and said central server publishes a certificate revocation list, said verifying 
node examining said certificate revocation list for determining whether said certificate 
has been revoked", "wherein said plurality of nodes is a plurality of members including a 
first member and a second member, said certificate authority issuing a first group 
certificate to said first member that provides said first member with a first permission 
level, said certificate authority issuing a second group certificate to said second member 
that provides said second member with a second permission level, wherein said first 
permission level is greater than said second permission level; wherein said first group 
certificate enables said first member to enroll a new entity into the system and provide 
said new entity with a new permission level equivalent up to said first permission level" 
and "wherein said certificate authority is coupled to said plurality of nodes for at least 
one of issuing a global directive thereto and supporting said plurality of nodes by 
assisting with at least one of an enrollment task, an authentication task, and a 
permission granting task; wherein said global directive includes at least one of a rekey 
instruction and a critical trust chain path, said rekey instruction and said critical trust 
chain path for providing a secured data transfer line" as set forth in claims 1, 23-24 and 
29. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to TRANG DOAN whose telephone number is (571) 272-0740. 
The examiner can normally be reached on Monday-Friday. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Trang Doan/ 
Examiner, Art Unit 2431 
/Ayaz R. Sheikh/ 

Supervisory Patent Examiner, Art Unit 2431 



